BlackBerry Offers Its Security Technology to IoT Device Makers

BlackBerry on Monday announced that manufacturers of Internet of Things (IoT) devices can now use the company’s technology to improve the safety and security of their products.

BlackBerry, which recently announced the acquisition of endpoint security firm Cylance for $1.4 billion in cash, says its Secure technology can be licensed by third-party vendors for their Internet-connected devices.

The Secure feature packs provide manufacturers a framework that should help them build safer and more secure products without the need to internally develop cybersecurity technology and expertise. Each device will be reviewed by the company’s cybersecurity experts to ensure that it complies with the requirements needed for it to become “BlackBerry Secure.”

Available immediately, there are three types of BlackBerry Secure packages: Enablement Feature Pack, Foundations Feature Pack, and Enterprise Feature Pack.

Organizations that acquire the Enablement Feature Pack will be provided the hardware and services necessary to ensure a device’s integrity throughout its lifecycle. Specifically, a manufacturing station provided by BlackBerry offers a hardware Root of Trust, and an identity service key is injected into the device and stored on a secure server. The keys are checked at boot and periodically throughout the device’s lifecycle and if they don’t match, the system will no longer start.

The BlackBerry Secure Foundations Feature Pack provides hardening for the operating system’s kernel and locks down the software being executed on the device via Secure Boot and ARM Trustzone.

For devices that will be used in restricted or regulated environments, the Enterprise Feature Pack provides deep management and control, allowing organizations to define extended policies. These policies can be used to protect data by limiting what can be accessed over debug interfaces, radios (e.g. Wi-Fi, cellular and GPS), and communication standards (e.g. NFC, Bluetooth).

Consumers don’t trust connected devices

The tech giant says the licensing of its BlackBerry Secure technology should address the lack of trust consumers have in connected devices. A survey conducted last month on behalf of BlackBerry – over 4,000 people from the US, UK and Canada participated – showed that roughly 80 percent of respondents did not trust their current devices in terms of data security and privacy.

More than half of the consumers who took part in the survey said they would pay more for Internet-connected devices that offer better security.

While many consumers consider security an important factor when purchasing a device, BlackBerry’s survey shows that nearly a quarter don’t restrict access to data and 17 percent say they don’t know how to do that. When it comes to security certifications, one-third of Americans and 41 percent of respondents in Canada and the United Kingdom say they don’t know what to look for.

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.